From 017783cd825bea7fafdab5db8b54cbfa460d9321 Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Mon, 2 Dec 2024 10:52:46 +0530 Subject: [PATCH 1/3] RLP-152066 changes --- .../cspm/UVEDashboardMicroService.json | 1310 ++++++++++------- 1 file changed, 754 insertions(+), 556 deletions(-) diff --git a/openapi-specs/cspm/UVEDashboardMicroService.json b/openapi-specs/cspm/UVEDashboardMicroService.json index 838eae1f0..2fcb2e57d 100644 --- a/openapi-specs/cspm/UVEDashboardMicroService.json +++ b/openapi-specs/cspm/UVEDashboardMicroService.json @@ -7,8 +7,7 @@ }, "tags": [ { - "name": "Vulnerabilities Dashboard", - "description": "UVE Dashboard Widgets" + "name": "Vulnerabilities Dashboard" } ], "paths": { @@ -20,7 +19,16 @@ "summary": "Get C2C Trace Asset Graph", "description": "Returns the relation between the assets from code to cloud stages\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", "operationId": "c2c-trace-api", - "parameters": [], + "parameters": [ + { + "name": "x-redlock-auth", + "in": "header", + "required": true, + "schema": { + "type": "string" + } + } + ], "requestBody": { "content": { "application/json": { @@ -80,6 +88,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -90,14 +108,14 @@ "x-public": "true" } }, - "/uve/api/v1/cve-overview": { + "/uve/api/v1/dashboard/vulnerabilities/cve-overview": { "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Cve Overview V2", - "description": "Get the detailed information for a given cve. This endpoint returns additional information, such as EPSS details, CVSS details, exploit details, and environment factors, compared to the [Get CVE Overview](https://pan.dev/prisma-cloud/api/cspm/cve-overview/) endpoint. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/cve-overview-v-3/)**\n:::\n\n", - "operationId": "cve-overview-v-2", + "summary": "Get Cve Overview", + "description": "Get the overview of the CVE with its CVSS score, the impacted stages, severity, risk factors, the package name, and the distributions affected by this CVE. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/cve-overview-v-3/)**\n:::\n\n", + "operationId": "cve-overview", "parameters": [ { "name": "cve_id", @@ -153,7 +171,7 @@ { "name": "severities", "in": "query", - "description": "Severity", + "description": "Severities", "required": false, "explode": true, "schema": { @@ -176,7 +194,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/CveOverviewV2" + "$ref": "#/components/schemas/CveOverview" } } } @@ -220,6 +238,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -231,14 +259,14 @@ "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/cve-overview": { + "/uve/api/v1/cve-overview": { "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Cve Overview", - "description": "Get the overview of the CVE with its CVSS score, the impacted stages, severity, risk factors, the package name, and the distributions affected by this CVE. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/cve-overview-v-3/)**\n:::\n\n", - "operationId": "cve-overview", + "summary": "Get Cve Overview V2", + "description": "Get the detailed information for a given cve. This endpoint returns additional information, such as EPSS details, CVSS details, exploit details, and environment factors, compared to the [Get CVE Overview](https://pan.dev/prisma-cloud/api/cspm/cve-overview/) endpoint. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/cve-overview-v-3/)**\n:::\n\n", + "operationId": "cve-overview-v-2", "parameters": [ { "name": "cve_id", @@ -294,7 +322,7 @@ { "name": "severities", "in": "query", - "description": "Severity", + "description": "Severities", "required": false, "explode": true, "schema": { @@ -317,7 +345,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/CveOverview" + "$ref": "#/components/schemas/CveOverviewV2" } } } @@ -361,6 +389,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -372,83 +410,24 @@ "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/impact-stage": { - "get": { + "/uve/api/v2/cve-overview": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerability Impact by Stage", - "description": "Returns a summary of vulnerability across app stages of your application lifecycle. \n:::info\n **Replacement Endpoint: [Get Vulnerability Impact by Stage - POST](/prisma-cloud/api/cspm/vulnerability-impact-by-stage-v-2/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "vulnerability-impact-by-stage", - "parameters": [ - { - "name": "asset_type", - "in": "query", - "description": "Asset Type", - "required": false, - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "package", - "iac", - "deployedImage", - "vmImage", - "registryImage", - "host", - "serverlessFunction" - ] - } - } - }, - { - "name": "life_cycle", - "in": "query", - "description": "Life Cycle", - "required": false, - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] - } - } - }, - { - "name": "severities", - "in": "query", - "description": "Severity", - "required": false, - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "critical", - "medium", - "high", - "low" - ] - } - } - } - ], + "summary": "Get CVE Overview - POST", + "description": "Get the detailed information for a given cve. This endpoint returns information, such as EPSS details, CVSS details, exploit details, and environment factors. This API supports the additional filters like accountGroup and accountIds when compared to the [Get CVE Overview V2](https://pan.dev/prisma-cloud/api/cspm/cve-overview-v-2/) endpoint", + "operationId": "cve-overview-v-3", + "requestBody": { + "$ref": "#/components/requestBodies/WidgetRequestSidecar" + }, "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/ImpactByStageResponse" + "$ref": "#/components/schemas/CveOverviewV2" } } } @@ -492,6 +471,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -499,18 +488,17 @@ "x-redlock-auth": [] } ], - "deprecated": true, "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/overview": { + "/uve/api/v2/dashboard/vulnerabilities/burndown": { "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerability Overview", - "description": "Returns a summary of the total vulnerabilities in your environment which is further divided into Vulnerabilities by Asset and Vulnerabilities that have already been remediated. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-4/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "vulnerability-dashboard-overview", + "summary": "Get Vulnerabilities Burndown", + "description": "Returns the total count of vulnerabilities and the count of remediated vulnerabilities over the past 30 days.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "get-burndown", "parameters": [ { "name": "asset_type", @@ -554,13 +542,22 @@ } }, { - "name": "risk_factors", + "name": "severities", "in": "query", - "description": "Risk Factors", + "description": "Severities", "required": false, - "example": "Critical severity, Package in use", + "explode": true, "schema": { - "type": "ref" + "type": "array", + "items": { + "type": "string", + "enum": [ + "critical", + "medium", + "high", + "low" + ] + } } } ], @@ -570,7 +567,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/OverviewWidget" + "$ref": "#/components/schemas/BurndownTrend" } } } @@ -614,6 +611,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -621,69 +628,27 @@ "x-redlock-auth": [] } ], - "deprecated": true, "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/prioritised": { - "get": { + "/uve/api/v1/dashboard/vulnerabilities/vuln-assets": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Prioritized Vulnerabilities V1", - "description": "Returns the count of top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "prioritised-vulnerability", - "parameters": [ - { - "name": "asset_type", - "in": "query", - "description": "Asset Type", - "required": false, - "example": "packages,serverless", - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - }, - { - "name": "life_cycle", - "in": "query", - "description": "Life Cycle", - "required": false, - "example": "code,build,deploy,run", - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - }, - { - "name": "risk_factors", - "in": "query", - "description": "Risk Factors", - "required": false, - "example": "Critical severity, Package in use", - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - } - ], + "summary": "Get Vulnerable Assets by CVE", + "description": "Get the list of all the assets affected by the CVE. \n:::info\n **Replacement Endpoint: [Get Vulnerable Assets by CVE V2](/prisma-cloud/api/cspm/list-vulnerable-assets-cve-v-2/)**\n:::\n\n", + "operationId": "list-vulnerable-assets-cve", + "requestBody": { + "$ref": "#/components/requestBodies/AssetsSearchRequest" + }, "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilities" + "$ref": "#/components/schemas/VulnAssetsSidecarResponse" } } } @@ -727,6 +692,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -738,49 +713,24 @@ "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/prioritised-vuln": { - "get": { + "/uve/api/v1/vuln-assets": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Top Impacting Vulnerabilities", - "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, severity, CVSS, risk factors, and assets impacted.\n:::info\n **Replacement Endpoint: [Get Top Impacting Vulnerabilities - POST](/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-3/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "top-prioritised-vulnerability", - "parameters": [ - { - "name": "life_cycle", - "in": "query", - "description": "Life Cycle", - "required": true, - "example": "code,build,deploy,run", - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string" - } - } - }, - { - "name": "topN", - "in": "query", - "description": "TopN", - "required": false, - "example": 5, - "schema": { - "type": "integer", - "format": "int32", - "default": 5 - } - } - ], + "summary": "Get Vulnerable Assets by CVE V2", + "description": "Get the list of all the assets affected by the CVE. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerable Assets by CVE](https://pan.dev/prisma-cloud/api/cspm/list-vulnerable-assets-cve/) endpoint.", + "operationId": "list-vulnerable-assets-cve-v-2", + "requestBody": { + "$ref": "#/components/requestBodies/AssetsSearchRequest" + }, "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/TopPrioritizedVulnerabilities" + "$ref": "#/components/schemas/VulnAssetsSidecarResponse" } } } @@ -824,6 +774,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -831,28 +791,68 @@ "x-redlock-auth": [] } ], - "deprecated": true, "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/vuln-assets": { - "post": { + "/uve/api/v1/dashboard/vulnerabilities/prioritised": { + "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerable Assets by CVE", - "description": "Get the list of all the assets affected by the CVE. \n:::info\n **Replacement Endpoint: [Get Vulnerable Assets by CVE V2](/prisma-cloud/api/cspm/list-vulnerable-assets-cve-v-2/)**\n:::\n\n", - "operationId": "list-vulnerable-assets-cve", - "requestBody": { - "$ref": "#/components/requestBodies/AssetsSearchRequest" - }, + "summary": "Get Prioritized Vulnerabilities V1", + "description": "Returns the count of top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability", + "parameters": [ + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "example": "packages,serverless", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": false, + "example": "code,build,deploy,run", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "risk_factors", + "in": "query", + "description": "Risk Factors", + "required": false, + "example": "Critical severity, Package in use", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/VulnAssetsSidecarResponse" + "$ref": "#/components/schemas/PrioritizedVulnerabilities" } } } @@ -896,6 +896,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -907,14 +917,14 @@ "x-public": "true" } }, - "/uve/api/v1/dashboard/vulnerabilities/vulnerableAsset": { + "/uve/api/v2/dashboard/vulnerabilities/prioritised": { "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerable Assets", - "description": "Returns a summary of vulnerable assets and detailed vulnerability statistics, including the total number of vulnerabilities by severity, registry count, package count, repository count, and more, across different stages of your application lifecycle.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "vulnerable-assets", + "summary": "Get Prioritized Vulnerabilities V2", + "description": "Returns the top-priority unique vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability-v-2", "parameters": [ { "name": "asset_type", @@ -958,21 +968,16 @@ } }, { - "name": "severities", + "name": "risk_factors", "in": "query", - "description": "Severity", + "description": "Risk Factors", "required": false, + "example": "Critical severity, Package in use", "explode": true, "schema": { "type": "array", "items": { - "type": "string", - "enum": [ - "critical", - "medium", - "high", - "low" - ] + "type": "string" } } } @@ -983,7 +988,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/VulnerableAsset" + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV2" } } } @@ -1027,6 +1032,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1038,24 +1053,64 @@ "x-public": "true" } }, - "/uve/api/v1/vuln-assets": { - "post": { + "/uve/api/v3/dashboard/vulnerabilities/prioritised": { + "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerable Assets by CVE V2", - "description": "Get the list of all the assets affected by the CVE. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerable Assets by CVE](https://pan.dev/prisma-cloud/api/cspm/list-vulnerable-assets-cve/) endpoint.", - "operationId": "list-vulnerable-assets-cve-v-2", - "requestBody": { - "$ref": "#/components/requestBodies/AssetsSearchRequest" - }, + "summary": "Get Prioritized Vulnerabilities V3", + "description": "Returns the top-priority unique vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in. This endpoint also returns vulnerabilities based on internet exposure, in addition to those from [Get Prioritized Vulnerabilities V2](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-2/). \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability-v-3", + "parameters": [ + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } + } + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } + } + } + ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/VulnAssetsSidecarResponse" + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" } } } @@ -1099,6 +1154,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1106,33 +1171,68 @@ "x-redlock-auth": [] } ], + "deprecated": true, "x-public": "true" } }, - "/uve/api/v2/cve-overview": { - "post": { + "/uve/api/v4/dashboard/vulnerabilities/prioritised": { + "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get CVE Overview - POST", - "description": "Get the detailed information for a given cve. This endpoint returns information, such as EPSS details, CVSS details, exploit details, and environment factors. This API supports the additional filters like accountGroup and accountIds when compared to the [Get CVE Overview V2](https://pan.dev/prisma-cloud/api/cspm/cve-overview-v-2/) endpoint", - "operationId": "cve-overview-v-3", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/WidgetRequestSidecar" + "summary": "Get Prioritized Vulnerabilities V4", + "description": "Returns the top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, internet exposed and vulnerable packages in use along with the number of assets they occur in. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability-v-4", + "parameters": [ + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } + } + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] } } } - }, + ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/CveOverviewV2" + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" } } } @@ -1176,81 +1276,45 @@ } } } - } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } }, "security": [ { "x-redlock-auth": [] } ], + "deprecated": true, "x-public": "true" } }, - "/uve/api/v2/dashboard/vulnerabilities/burndown": { - "get": { + "/uve/api/v5/dashboard/vulnerabilities/prioritised": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerabilities Burndown", - "description": "Returns the total count of vulnerabilities and the count of remediated vulnerabilities over the past 30 days.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "get-burndown", - "parameters": [ - { - "name": "asset_type", - "in": "query", - "description": "Asset Type", - "required": false, - "schema": { - "type": "ref", - "enum": [ - "package", - "iac", - "deployedImage", - "vmImage", - "registryImage", - "host", - "serverlessFunction" - ] - } - }, - { - "name": "life_cycle", - "in": "query", - "description": "Life Cycle", - "required": false, - "schema": { - "type": "ref", - "enum": [ - "code", - "build", - "deploy", - "run" - ] - } - }, - { - "name": "severity", - "in": "query", - "description": "Severity", - "required": false, - "schema": { - "type": "ref", - "enum": [ - "critical", - "medium", - "high", - "low" - ] - } - } - ], + "summary": "Get Prioritized Vulnerabilities - POST", + "description": "Returns the top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, internet exposed and vulnerable packages in use along with the number of assets they occur in. This API supports the account group and account Id filters in addition to the filters we have in the [Get Prioritized Vulnerabilities V4](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-4/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "prioritised-vulnerability-v-5", + "requestBody": { + "$ref": "#/components/requestBodies/WidgetRequest" + }, "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/BurndownTrend" + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" } } } @@ -1294,6 +1358,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1304,24 +1378,49 @@ "x-public": "true" } }, - "/uve/api/v2/dashboard/vulnerabilities/impact-stage": { - "post": { + "/uve/api/v1/dashboard/vulnerabilities/prioritised-vuln": { + "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerability Impact by Stage - POST", - "description": "Returns a summary of vulnerability across app stages of your application lifecycle. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerability Impact by Stage](https://pan.dev/prisma-cloud/api/cspm/vulnerability-impact-by-stage/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "vulnerability-impact-by-stage-v-2", - "requestBody": { - "$ref": "#/components/requestBodies/WidgetRequest" - }, + "summary": "Get Top Impacting Vulnerabilities", + "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, severity, CVSS, risk factors, and assets impacted.\n:::info\n **Replacement Endpoint: [Get Top Impacting Vulnerabilities - POST](/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-3/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "top-prioritised-vulnerability", + "parameters": [ + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": true, + "example": "code,build,deploy,run", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "topN", + "in": "query", + "description": "TopN", + "required": false, + "example": 5, + "schema": { + "type": "integer", + "format": "int32", + "default": 5 + } + } + ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/ImpactByStageResponse" + "$ref": "#/components/schemas/TopPrioritizedVulnerabilities" } } } @@ -1365,6 +1464,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1372,24 +1481,79 @@ "x-redlock-auth": [] } ], + "deprecated": true, "x-public": "true" } }, - "/uve/api/v2/dashboard/vulnerabilities/overview": { + "/uve/api/v2/dashboard/vulnerabilities/prioritised-vuln": { "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerability Overview V2", - "description": "Returns a summary of the total runtime vulnerabilities in your environment which is further divided into runtime Vulnerabilities by Asset and Vulnerabilities that have already been remediated. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-4/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "vulnerability-dashboard-overview-v-2", + "summary": "Get Top Impacting Vulnerabilities V2", + "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, epssScore, severity, CVSS, risk factors, and assets impacted. This endpoint returns the epss score details in addition to those from [Get Top Impacting Vulnerabilities](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-2/).\n:::info\n **Replacement Endpoint: [Get Top Impacting Vulnerabilities - POST](/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-3/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "top-prioritised-vulnerability-v-2", + "parameters": [ + { + "name": "topN", + "in": "query", + "description": "TopN", + "required": true, + "example": 5, + "schema": { + "type": "integer", + "format": "int32" + } + }, + { + "name": "life_cycle", + "in": "query", + "description": "Life Cycle", + "required": true, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "code", + "build", + "deploy", + "run" + ] + } + } + }, + { + "name": "asset_type", + "in": "query", + "description": "Asset Type", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } + } + } + ], "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/OverviewWidgetV2" + "$ref": "#/components/schemas/TopPrioritizedVulnerabilitiesV2" } } } @@ -1433,6 +1597,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1444,78 +1618,30 @@ "x-public": "true" } }, - "/uve/api/v2/dashboard/vulnerabilities/prioritised": { - "get": { + "/uve/api/v3/dashboard/vulnerabilities/prioritised-vuln": { + "post": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Prioritized Vulnerabilities V2", - "description": "Returns the top-priority unique vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "prioritised-vulnerability-v-2", - "parameters": [ - { - "name": "asset_type", - "in": "query", - "description": "Asset Type", - "required": false, - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "package", - "iac", - "deployedImage", - "vmImage", - "registryImage", - "host", - "serverlessFunction" - ] - } - } - }, - { - "name": "life_cycle", - "in": "query", - "description": "Life Cycle", - "required": false, - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "code", - "build", - "deploy", - "run" - ] - } - } - }, - { - "name": "risk_factors", - "in": "query", - "description": "Risk Factors", - "required": false, - "example": "Critical severity, Package in use", - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string" + "summary": "Get Top Impacting Vulnerabilities - POST", + "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, epssScore, severity, CVSS, EPSS, risk factors, and assets impacted. This API supports the account group and account Id filters in addition to the filters we have in the [Get Top Impacting Vulnerabilities V2](https://pan.dev/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-2/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "top-prioritised-vulnerability-v-3", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/WidgetRequestTopN" } } } - ], + }, "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV2" + "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" } } } @@ -1559,6 +1685,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1566,35 +1702,45 @@ "x-redlock-auth": [] } ], - "deprecated": true, "x-public": "true" } }, - "/uve/api/v2/dashboard/vulnerabilities/prioritised-vuln": { + "/uve/api/v1/dashboard/vulnerabilities/overview": { "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Top Impacting Vulnerabilities V2", - "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, epssScore, severity, CVSS, risk factors, and assets impacted. This endpoint returns the epss score details in addition to those from [Get Top Impacting Vulnerabilities](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-2/).\n:::info\n **Replacement Endpoint: [Get Top Impacting Vulnerabilities - POST](/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-3/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "top-prioritised-vulnerability-v-2", + "summary": "Get Vulnerability Overview", + "description": "Returns a summary of the total vulnerabilities in your environment which is further divided into Vulnerabilities by Asset and Vulnerabilities that have already been remediated. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-4/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-dashboard-overview", "parameters": [ { - "name": "topN", + "name": "asset_type", "in": "query", - "description": "TopN", - "required": true, - "example": 5, + "description": "Asset Type", + "required": false, + "explode": true, "schema": { - "type": "integer", - "format": "int32" + "type": "array", + "items": { + "type": "string", + "enum": [ + "package", + "iac", + "deployedImage", + "vmImage", + "registryImage", + "host", + "serverlessFunction" + ] + } } }, { "name": "life_cycle", "in": "query", "description": "Life Cycle", - "required": true, + "required": false, "explode": true, "schema": { "type": "array", @@ -1610,25 +1756,13 @@ } }, { - "name": "asset_type", + "name": "risk_factors", "in": "query", - "description": "Asset Type", + "description": "Risk Factors", "required": false, - "explode": true, + "example": "Critical severity, Package in use", "schema": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "package", - "iac", - "deployedImage", - "vmImage", - "registryImage", - "host", - "serverlessFunction" - ] - } + "type": "ref" } } ], @@ -1638,7 +1772,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/TopPrioritizedVulnerabilitiesV2" + "$ref": "#/components/schemas/OverviewWidget" } } } @@ -1682,6 +1816,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1693,24 +1837,21 @@ "x-public": "true" } }, - "/uve/api/v2/dashboard/vulnerabilities/vulnerableAsset": { - "post": { + "/uve/api/v2/dashboard/vulnerabilities/overview": { + "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerable Assets Stats - POST", - "description": "Returns overall stats like total vulnerabilities, total assets, vulnerability by severity across the life stage (code, build, deploy and run) per cloud provider. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerable Assets](https://pan.dev/prisma-cloud/api/cspm/vulnerable-assets/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "vulnerable-assets-v-2", - "requestBody": { - "$ref": "#/components/requestBodies/WidgetRequest" - }, + "summary": "Get Vulnerability Overview V2", + "description": "Returns a summary of the total runtime vulnerabilities in your environment which is further divided into runtime Vulnerabilities by Asset and Vulnerabilities that have already been remediated. \n:::info\n **Replacement Endpoint: [Get CVE Overview - POST](/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-4/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-dashboard-overview-v-2", "responses": { "200": { "description": "Success", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/VulnerableAsset" + "$ref": "#/components/schemas/OverviewWidgetV2" } } } @@ -1754,6 +1895,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1761,6 +1912,7 @@ "x-redlock-auth": [] } ], + "deprecated": true, "x-public": "true" } }, @@ -1800,22 +1952,104 @@ "type": "string" } } - }, + }, + { + "name": "severities", + "in": "query", + "description": "Severities", + "required": false, + "example": "critical,high", + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + } + ], + "responses": { + "200": { + "description": "Success", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/OverviewWidgetV3" + } + } + } + }, + "400": { + "description": "Bad request", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "401": { + "description": "Unauthorized", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "403": { + "description": "User doesn't have required role", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "429": { + "description": "Rate Limit Exceeded", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } + } + }, + "security": [ { - "name": "severities", - "in": "query", - "description": "Severity", - "required": false, - "example": "critical,high", - "explode": true, - "schema": { - "type": "array", - "items": { - "type": "string" - } - } + "x-redlock-auth": [] } ], + "deprecated": true, + "x-public": "true" + } + }, + "/uve/api/v4/dashboard/vulnerabilities/overview": { + "post": { + "tags": [ + "Vulnerabilities Dashboard" + ], + "summary": "Get Vulnerability Overview - POST", + "description": "Returns a summary of the total unique vulnerabilities, the count of vulnerabilities, and the count of remediated vulnerabilities, including a breakdown by severity for each category. The percentage reflects the change between the current data and the data from seven days prior. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerability Overview V3](https://pan.dev/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-3/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-dashboard-overview-v-4", + "requestBody": { + "$ref": "#/components/requestBodies/WidgetRequest" + }, "responses": { "200": { "description": "Success", @@ -1866,6 +2100,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -1873,18 +2117,17 @@ "x-redlock-auth": [] } ], - "deprecated": true, "x-public": "true" } }, - "/uve/api/v3/dashboard/vulnerabilities/prioritised": { + "/uve/api/v1/dashboard/vulnerabilities/impact-stage": { "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Prioritized Vulnerabilities V3", - "description": "Returns the top-priority unique vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, and vulnerable packages in use along with the number of assets they occur in. This endpoint also returns vulnerabilities based on internet exposure, in addition to those from [Get Prioritized Vulnerabilities V2](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-2/). \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "prioritised-vulnerability-v-3", + "summary": "Get Vulnerability Impact by Stage", + "description": "Returns a summary of vulnerability across app stages of your application lifecycle. \n:::info\n **Replacement Endpoint: [Get Vulnerability Impact by Stage - POST](/prisma-cloud/api/cspm/vulnerability-impact-by-stage-v-2/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-impact-by-stage", "parameters": [ { "name": "asset_type", @@ -1926,6 +2169,25 @@ ] } } + }, + { + "name": "severities", + "in": "query", + "description": "Severities", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "critical", + "medium", + "high", + "low" + ] + } + } } ], "responses": { @@ -1934,7 +2196,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + "$ref": "#/components/schemas/ImpactByStageResponse" } } } @@ -1978,77 +2240,9 @@ } } } - } - }, - "security": [ - { - "x-redlock-auth": [] - } - ], - "deprecated": true, - "x-public": "true" - } - }, - "/uve/api/v3/dashboard/vulnerabilities/prioritised-vuln": { - "post": { - "tags": [ - "Vulnerabilities Dashboard" - ], - "summary": "Get Top Impacting Vulnerabilities - POST", - "description": "Returns the CVEs of top critical vulnerabilities in your environment based on the risk score. Each CVE includes risk factors, epssScore, severity, CVSS, EPSS, risk factors, and assets impacted. This API supports the account group and account Id filters in addition to the filters we have in the [Get Top Impacting Vulnerabilities V2](https://pan.dev/prisma-cloud/api/cspm/top-prioritised-vulnerability-v-2/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "top-prioritised-vulnerability-v-3", - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/WidgetRequestTopN" - } - } - } - }, - "responses": { - "200": { - "description": "Success", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" - } - } - } - }, - "400": { - "description": "Bad request", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ApiErrorResponse" - } - } - } - }, - "401": { - "description": "Unauthorized", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ApiErrorResponse" - } - } - } - }, - "403": { - "description": "User doesn't have required role", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ApiErrorResponse" - } - } - } }, - "429": { - "description": "Rate Limit Exceeded", + "500": { + "description": "Internal Server Error", "content": { "application/json": { "schema": { @@ -2063,17 +2257,18 @@ "x-redlock-auth": [] } ], + "deprecated": true, "x-public": "true" } }, - "/uve/api/v4/dashboard/vulnerabilities/overview": { + "/uve/api/v2/dashboard/vulnerabilities/impact-stage": { "post": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Vulnerability Overview - POST", - "description": "Returns a summary of the total unique vulnerabilities, the count of vulnerabilities, and the count of remediated vulnerabilities, including a breakdown by severity for each category. The percentage reflects the change between the current data and the data from seven days prior. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerability Overview V3](https://pan.dev/prisma-cloud/api/cspm/vulnerability-dashboard-overview-v-3/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "vulnerability-dashboard-overview-v-4", + "summary": "Get Vulnerability Impact by Stage - POST", + "description": "Returns a summary of vulnerability across app stages of your application lifecycle. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerability Impact by Stage](https://pan.dev/prisma-cloud/api/cspm/vulnerability-impact-by-stage/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerability-impact-by-stage-v-2", "requestBody": { "$ref": "#/components/requestBodies/WidgetRequest" }, @@ -2083,7 +2278,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/OverviewWidgetV3" + "$ref": "#/components/schemas/ImpactByStageResponse" } } } @@ -2127,6 +2322,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -2137,14 +2342,14 @@ "x-public": "true" } }, - "/uve/api/v4/dashboard/vulnerabilities/prioritised": { + "/uve/api/v1/dashboard/vulnerabilities/vulnerableAsset": { "get": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Prioritized Vulnerabilities V4", - "description": "Returns the top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, internet exposed and vulnerable packages in use along with the number of assets they occur in. \n:::info\n **Replacement Endpoint: [Get Prioritized Vulnerabilities - POST](/prisma-cloud/api/cspm/prioritised-vulnerability-v-5/)**\n:::\n\n\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "prioritised-vulnerability-v-4", + "summary": "Get Vulnerable Assets", + "description": "Returns a summary of vulnerable assets and detailed vulnerability statistics, including the total number of vulnerabilities by severity, registry count, package count, repository count, and more, across different stages of your application lifecycle.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerable-assets", "parameters": [ { "name": "asset_type", @@ -2186,6 +2391,25 @@ ] } } + }, + { + "name": "severities", + "in": "query", + "description": "Severities", + "required": false, + "explode": true, + "schema": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "critical", + "medium", + "high", + "low" + ] + } + } } ], "responses": { @@ -2194,7 +2418,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + "$ref": "#/components/schemas/VulnerableAsset" } } } @@ -2238,6 +2462,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -2249,16 +2483,16 @@ "x-public": "true" } }, - "/uve/api/v5/dashboard/vulnerabilities/prioritised": { + "/uve/api/v2/dashboard/vulnerabilities/vulnerableAsset": { "post": { "tags": [ "Vulnerabilities Dashboard" ], - "summary": "Get Prioritized Vulnerabilities - POST", - "description": "Returns the top-priority vulnerabilities which are aggregated based on the most urgent, exploitable, patchable, internet exposed and vulnerable packages in use along with the number of assets they occur in. This API supports the account group and account Id filters in addition to the filters we have in the [Get Prioritized Vulnerabilities V4](https://pan.dev/prisma-cloud/api/cspm/prioritised-vulnerability-v-4/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", - "operationId": "prioritised-vulnerability-v-5", + "summary": "Get Vulnerable Assets Stats - POST", + "description": "Returns overall stats like total vulnerabilities, total assets, vulnerability by severity across the life stage (code, build, deploy and run) per cloud provider. This API supports the account group and account Id filters in addition to the filters we have in the [Get Vulnerable Assets](https://pan.dev/prisma-cloud/api/cspm/vulnerable-assets/) endpoint.\n>**Note:** You need `vulnerabilityDashboard` feature with `View` permission to access this endpoint. Verify if your permission group includes this feature using the [Get Permission Group by ID](https://pan.dev/prisma-cloud/api/cspm/get-1/) endpoint. You can also check this in the Prisma Cloud console by ensuring that **Dashboard > Vulnerability** is enabled.", + "operationId": "vulnerable-assets-v-2", "requestBody": { - "$ref": "#/components/requestBodies/WidgetRequest" + "$ref": "#/components/requestBodies/WidgetRequestSidecar" }, "responses": { "200": { @@ -2266,7 +2500,7 @@ "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/PrioritizedVulnerabilitiesV3" + "$ref": "#/components/schemas/VulnerableAsset" } } } @@ -2310,6 +2544,16 @@ } } } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ApiErrorResponse" + } + } + } } }, "security": [ @@ -2323,6 +2567,15 @@ }, "components": { "requestBodies": { + "WidgetRequestSidecar": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/WidgetRequestSidecar" + } + } + } + }, "AssetsSearchRequest": { "content": { "application/json": { @@ -3649,7 +3902,7 @@ }, "accountNames": { "type": "array", - "description": "List of Account Names", + "description": "List of Account Name", "items": { "type": "string" } @@ -3717,7 +3970,7 @@ }, "accountNames": { "type": "array", - "description": "List of Account Names", + "description": "List of Account Name", "items": { "type": "string" } @@ -3786,7 +4039,7 @@ }, "accountNames": { "type": "array", - "description": "List of Account Names", + "description": "List of Account Name", "items": { "type": "string" } @@ -3800,61 +4053,6 @@ }, "description": "Request Model for Dashboard Widgets" } - }, - "securitySchemes": { - "x-redlock-auth": { - "description": "The x-redlock-auth value is a JSON Web Token (JWT).", - "in": "header", - "name": "x-redlock-auth", - "type": "apiKey" - } - } - }, - "servers": [ - { - "url": "https://api.prismacloud.io" - }, - { - "url": "https://api2.prismacloud.io" - }, - { - "url": "https://api3.prismacloud.io" - }, - { - "url": "https://api4.prismacloud.io" - }, - { - "url": "https://api.anz.prismacloud.io" - }, - { - "url": "https://api.eu.prismacloud.io" - }, - { - "url": "https://api2.eu.prismacloud.io" - }, - { - "url": "https://api.gov.prismacloud.io" - }, - { - "url": "https://api.prismacloud.cn" - }, - { - "url": "https://api.ca.prismacloud.io" - }, - { - "url": "https://api.sg.prismacloud.io" - }, - { - "url": "https://api.uk.prismacloud.io" - }, - { - "url": "https://api.ind.prismacloud.io" - }, - { - "url": "https://api.jp.prismacloud.io" - }, - { - "url": "https://api.fr.prismacloud.io" } - ] + } } From 21486add33f17103eb4d056c738cfe191ee8810a Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Fri, 6 Dec 2024 11:57:01 +0530 Subject: [PATCH 2/3] RLP-149539 changes --- openapi-specs/cspm/IAMV2MicroService.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openapi-specs/cspm/IAMV2MicroService.json b/openapi-specs/cspm/IAMV2MicroService.json index 81b973f98..f15b7d202 100644 --- a/openapi-specs/cspm/IAMV2MicroService.json +++ b/openapi-specs/cspm/IAMV2MicroService.json @@ -1395,7 +1395,7 @@ { "name": "resourceId", "in": "path", - "description": "The resource ID", + "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn%3Aaws%3Aiam%3A%3AaccountId%3Arole%2FroleName, 1f50e22a-46b6-3ac9-174d-537287ed9523)", "required": true, "schema": { "type": "string" @@ -1504,7 +1504,7 @@ { "name": "resourceId", "in": "path", - "description": "The resource ID", + "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn%3Aaws%3Aiam%3A%3AaccountId%3Arole%2FroleName, 1f50e22a-46b6-3ac9-174d-537287ed9523)", "required": true, "schema": { "type": "string", @@ -1639,7 +1639,7 @@ { "name": "resourceId", "in": "path", - "description": "The resource ID", + "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn%3Aaws%3Aiam%3A%3AaccountId%3Arole%2FroleName, 1f50e22a-46b6-3ac9-174d-537287ed9523)", "required": true, "schema": { "type": "string" From c01e0da9afb5e29b4202b3077892d106c4cbb964 Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Mon, 9 Dec 2024 15:14:16 +0530 Subject: [PATCH 3/3] Update IAMV2MicroService.json Signed-off-by: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> --- openapi-specs/cspm/IAMV2MicroService.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openapi-specs/cspm/IAMV2MicroService.json b/openapi-specs/cspm/IAMV2MicroService.json index f15b7d202..7ae1500b4 100644 --- a/openapi-specs/cspm/IAMV2MicroService.json +++ b/openapi-specs/cspm/IAMV2MicroService.json @@ -1395,7 +1395,7 @@ { "name": "resourceId", "in": "path", - "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn%3Aaws%3Aiam%3A%3AaccountId%3Arole%2FroleName, 1f50e22a-46b6-3ac9-174d-537287ed9523)", + "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn:aws:iam::accountId:role/roleName, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)", "required": true, "schema": { "type": "string" @@ -1504,7 +1504,7 @@ { "name": "resourceId", "in": "path", - "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn%3Aaws%3Aiam%3A%3AaccountId%3Arole%2FroleName, 1f50e22a-46b6-3ac9-174d-537287ed9523)", + "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn:aws:iam::accountId:role/roleName, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)", "required": true, "schema": { "type": "string", @@ -1639,7 +1639,7 @@ { "name": "resourceId", "in": "path", - "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn%3Aaws%3Aiam%3A%3AaccountId%3Arole%2FroleName, 1f50e22a-46b6-3ac9-174d-537287ed9523)", + "description": "The resource ID. Encoded ARN for AWS, ID for Azure (examples: arn:aws:iam::accountId:role/roleName, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)", "required": true, "schema": { "type": "string"